Corporations Face Problems with Employee Emails

TwistedOne151 writes "Law.com has an article outlining how the casual attitude of many employees toward work e-mails has resulted in some thorny problems for corporate in-house counsel. 'It has now become routine even in civil investigations for computers to be subpoenaed so lawyers can look at e-mails and hard drives. And one thing always leads to another. "We have forensic software that shows multiple levels of deletions. It shows thought processes. We can learn far more than from just a document alone," said [Scott] Sorrels. "E-mails have taken over the world."'"

Wait, emails have taken over the world?!

[Seumas]

I thought we just had a slew of articles around the internet telling us that email is dead and it's all about myspace and instant messaging?

Anyway, if you have truly devious intentions, simply use the telephone or speak in person. It works for the president and it has worked for the mafia (at least, it did in GoodFellas).

surprise

[wizardforce]

THe one thing that can never really be dealt with in terms of keeping email private is the fact that no matter how much you encrypt, use tor etc. youcan't escape the fact the person at the other end can always make a backup copy. The lesson here? If you really don't want something to get out into the world in one way or another DONT SEND IT.

Aww, poor corporations.

[evanbd]

Shall I shed a tear because you have more trouble hiding things from the public?

Re:surprise

[ZombieRoboNinja]

I hear this sort of advice on Slashdot a lot. "If you don't take [insert privacy procedure here], you're ASKING to get caught!" "Don't say anything over email you wouldn't shout in a crowded room!" And so on.

It's kind of dispiriting to me that so many people consider this an acceptable status quo. That you're not allowed to use the Internet, the DOMINANT new form of communication, the one that was supposed to "free" us somehow, without the expectation that everyone from Big Brother to your kid sister is watching over your shoulder.

Re:A few rights

[MLease]

My company owns my email like they own the oxygen I breath while I am working. In other words- they don't.

You do not become a street whore simply by agreeing to work for someone. Companies don't understand this. If allowed, they would claim every last cell of your body as their property.

While I agree with the second paragraph, I take issue with the first. If you are using company email servers and equipment, they do own the email. You don't get a free ride just because you work for the company. Everything you do on their systems has to follow their acceptable use policy, if they have one.

-Mike

Re:surprise

[Hebbinator]

I think you missed the point-

The "take privacy procedure" and "dont email anything you dont want to get in trouble for" advice in this case is not being applied to the general public - its for emails at WORK.

The internet was not made so you could say things that make you liable at your job and get away with it. Read the article - it effectively equates interoffice emails to official business. You are "allowed" to use the internet, and you can use it to communicate freely and easily; however, you can neither use company email anonymously nor without consequence, because it creates a permanent record.

I think that its reasonable to say "dont write anything in a COMPANY email that could get you fired/ be used in a lawsuit" just like you wouldnt write those kinds of things in an office-wide memo. Your work email is not private, it belongs to the company, which makes you and the company both responsible for it.

That's only half the story

[Moraelin]

Now I didn't RTFA, but even the summary seems to say a bit more. For a start, that they can look through deleted drafts on your hard drive and see what the email looked like before you actually edited and sent it. Or even if you don't send it at all.

Plus, screw email, we've already seen this kind of thing happen with edited Word documents, Excel files, or PDFs. Stuff that was never actually sent or published in any way is dug out of the document and used against you.

E.g., I remember a somewhat recent story on The Register where a politician was under fire over a donation she originally said she knew nothing about, but a some looking through the document history later, it looked like she or maybe her husband had a note in the document at some point to check if that's ok.

And now I'm all for accountability in politics, but there's nothing to say that it can't apply to your joke mailing list just the same.

E.g., basically, if your client sues your company about bad support, any emails where you told a coleague that that client is an asshat and shouldn't be taken seriously, can get dug out and used against you. That much was probably clear to you too. But here's the more important part: even if you _didn't_ actually send that email, if at some point you saved a draft, that too can be dug out and used as hint about your thought processes.

So it seems to me like the danger is even more insidious. Even if you think thrice before thinking an email, well, computers got us trained that all sort of transient information can be stored there for later. Even stuff you never intended to send, or notes to self for later, or whatever. Even trivial stuff that people used to just hold in their head, is now somewhere on the computer because it's easy to do so. And stuff that people would first roll around in their head before writing on paper, now gets written anyway and edited later, because it's easy to do so.

And then used as some kind of proof of how your train of thought went. Which was a rather private thing before.

Worse yet, it's now all in one place. So even if previously you'd keep your private thoughts in a diary, chances are it wouldn't get shown in court unless your character makes any difference (e.g., if you pleaded entrapment.) Or they might want to see your letters to your accountant, but not your letters to your mistress. Nowadays that hard drive is one big pot with _everything_. (Again, even transient stuff you deleted long ago and forgot that it was ever on that computer.) Once you got ordered to hand it over, someone _will_ poke his/her nose through everything on it. From business stuff, to your reminders in Outlook to go to Alcoholics Anonymous, to joke lists you're on, to God knows what else.

Sure, most of it probably won't be allowed in court or even presented. But you never know what might anyway. E.g., if you were hit with a sexual harassment or discrimination lawsuit, your porn browsing history or subscription to some dumb blondes jokes list might be interesting after all.

At any rate, _someone_ out there might end up knowing more about you than you thought possible. Even if you think twice before hitting the Send button.

Re:Simple Solution

[Damocles the Elder]

If you aren't doing anything wrong, you've got nothing to hide.

The problem with this is that you're saying everyone with access to these records is trustworthy. Which they aren't. The same argument and reply goes to ISPs logging emails and the government wiretapping without a warrant.

Solution?: Use DRAM SSD for email storage

[Zymergy]

What about the option of using an (albeit more expensive) (Volatile) DRAM-based SSD for your email servers?
If *someone* subpoenas it, kindly provide it (unplugged) with the any passwords and a full set of encryption keys...
(Assuming there are not already laws prohibiting a corporation from using a faster (700-1400MB/s @ 3s), more reliable (protected with both ECC and RAID), higher I/O preforming (3 million random IOPS), volatile DRAM SSD array for their email storage?)
"Here is my untouched email server storage device all boxed up and sealed as required per your subpoena order..."

504GB of DRAM would make a *nice* email storage device... (Violin 1010) http://www.violin-memory.com/products/violin1010.html [violin-memory.com]

Re:Wait, emails have taken over the world?!

[cbart387]

Old people use email.

I guess 23 is the new old then.

I'm surprised all the people that use webmail, even compsci students at my college. I think people would not be so swift to abandon it if they used an email client program. Emails in thunderbird are much quicker then using the mess that is facebook. It'll never rival IM but it's pretty darn close.

Re:Can this be done in real time?

[mollymoo]

It's machine time you're devoting and machine time is cheap. It takes the human a few minutes to start it going and the machine does the rest. I fairly recently had my NSLU2 (a tiny Linux box with a 266mHz ARM processor and 32 MiB of RAM) unzip a 57 GiB file. It took it five days. It took me less than 30 seconds.